From c593906c2675c1aa10d1ab4cde27713a16e31c2d Mon Sep 17 00:00:00 2001 From: holger krekel Date: Mon, 15 Jul 2024 14:22:32 +0200 Subject: [PATCH] fix dns zone file comment syntax --- cmdeploy/src/cmdeploy/chatmail.zone.j2 | 12 ++++++------ cmdeploy/src/cmdeploy/remote_funcs.py | 4 ++-- cmdeploy/src/cmdeploy/tests/data/zftest.zone | 4 ++-- cmdeploy/src/cmdeploy/tests/test_dns.py | 4 ++-- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/cmdeploy/src/cmdeploy/chatmail.zone.j2 b/cmdeploy/src/cmdeploy/chatmail.zone.j2 index 491952e2..bcc08d7e 100644 --- a/cmdeploy/src/cmdeploy/chatmail.zone.j2 +++ b/cmdeploy/src/cmdeploy/chatmail.zone.j2 @@ -1,6 +1,6 @@ -# -# Required DNS entries for chatmail servers -# +; +; Required DNS entries for chatmail servers +; {% if A %} {{ chatmail_domain }}. A {{ A }} {% endif %} @@ -13,9 +13,9 @@ mta-sts.{{ chatmail_domain }}. CNAME {{ chatmail_domain }}. www.{{ chatmail_domain }}. CNAME {{ chatmail_domain }}. {{ dkim_entry }} -# -# Recommended DNS entries for interoperability and security-hardening -# +; +; Recommended DNS entries for interoperability and security-hardening +; {{ chatmail_domain }}. TXT "v=spf1 a:{{ chatmail_domain }} ~all" _dmarc.{{ chatmail_domain }}. TXT "v=DMARC1;p=reject;adkim=s;aspf=s" diff --git a/cmdeploy/src/cmdeploy/remote_funcs.py b/cmdeploy/src/cmdeploy/remote_funcs.py index c8423467..12ff3ff4 100644 --- a/cmdeploy/src/cmdeploy/remote_funcs.py +++ b/cmdeploy/src/cmdeploy/remote_funcs.py @@ -81,10 +81,10 @@ def check_zonefile(zonefile): recommended_diff = [] for zf_line in zonefile.splitlines(): - if "# Recommended" in zf_line: + if "; Recommended" in zf_line: required = False continue - if not zf_line.strip() or zf_line.startswith("#"): + if not zf_line.strip() or zf_line.startswith(";"): continue print(f"dns-checking {zf_line!r}") zf_domain, zf_typ, zf_value = zf_line.split(maxsplit=2) diff --git a/cmdeploy/src/cmdeploy/tests/data/zftest.zone b/cmdeploy/src/cmdeploy/tests/data/zftest.zone index 65a45e4a..5be19373 100644 --- a/cmdeploy/src/cmdeploy/tests/data/zftest.zone +++ b/cmdeploy/src/cmdeploy/tests/data/zftest.zone @@ -1,4 +1,4 @@ -# Required DNS entries for chatmail servers +; Required DNS entries for chatmail servers zftest.testrun.org. A 135.181.204.127 zftest.testrun.org. AAAA 2a01:4f9:c012:52f4::1 zftest.testrun.org. MX 10 zftest.testrun.org. @@ -6,7 +6,7 @@ _mta-sts.zftest.testrun.org. TXT "v=STSv1; id=202403211706" mta-sts.zftest.testrun.org. CNAME zftest.testrun.org. www.zftest.testrun.org. CNAME zftest.testrun.org. opendkim._domainkey.zftest.testrun.org. TXT "v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYt82CVUyz2ouaqjX2kB+5J80knAyoOU3MGU5aWppmwUwwTvj/oSTSpkc5JMtVTRmKKr8NUDWAL1Yw7dfGqqPHdHfwwjS3BIvDzYx+hzgtz62RnfNgV+/2MAoNpfX7cAFIHdRzEHNtwugc3RDLquqPoupAE3Y2YRw2T5zG5fILh4vwIcJZL5Uq6B92j8wwJqOex" "33n+vm1NKQ9rxo/UsHAmZlJzpooXcG/4igTBxJyJlamVSRR6N7Nul1v//YJb7J6v2o0iPHW6uE0StzKaPPNC2IVosSRFbD9H2oqppltptFSNPlI0E+t0JBWHem6YK7xcugiO3ImMCaaU8g6Jt/wIDAQAB;s=email;t=s" -# Recommended DNS entries +; Recommended DNS entries _submission._tcp.zftest.testrun.org. SRV 0 1 587 zftest.testrun.org. _submissions._tcp.zftest.testrun.org. SRV 0 1 465 zftest.testrun.org. _imap._tcp.zftest.testrun.org. SRV 0 1 143 zftest.testrun.org. diff --git a/cmdeploy/src/cmdeploy/tests/test_dns.py b/cmdeploy/src/cmdeploy/tests/test_dns.py index 6cd45052..eba0e904 100644 --- a/cmdeploy/src/cmdeploy/tests/test_dns.py +++ b/cmdeploy/src/cmdeploy/tests/test_dns.py @@ -90,7 +90,7 @@ class TestZonefileChecks: def test_check_zonefile_recommended_not_set(self, cm_data, mockdns_base): zonefile = cm_data.get("zftest.zone") - zonefile_mocked = zonefile.split("# Recommended")[0] + zonefile_mocked = zonefile.split("; Recommended")[0] parse_zonefile_into_dict(zonefile_mocked, mockdns_base) required_diff, recommended_diff = remote_funcs.check_zonefile(zonefile) assert not required_diff @@ -98,7 +98,7 @@ class TestZonefileChecks: def test_check_zonefile_output_required_fine(self, cm_data, mockdns_base, mockout): zonefile = cm_data.get("zftest.zone") - zonefile_mocked = zonefile.split("# Recommended")[0] + zonefile_mocked = zonefile.split("; Recommended")[0] parse_zonefile_into_dict(zonefile_mocked, mockdns_base, only_required=True) mssh = MockSSHExec() res = check_full_zone(mssh, mockdns_base, out=mockout, zonefile=zonefile)